Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

WIP: test: local mTLS connection #5

Closed
wants to merge 2 commits into from
Closed

WIP: test: local mTLS connection #5

wants to merge 2 commits into from

Conversation

rkdefra
Copy link
Contributor

@rkdefra rkdefra commented Mar 18, 2025

  • create local testing SSL assets using the convenience script:

     test/acceptance/setup-mtls.sh

    Using common name: localhost
    This can be changed by passing a command line argument to the script:
    test/acceptance/setup-mtls.sh my-common-name

    Setting up mutual TLS assets...
    ✔ generate private key: ./mtls/ca.key
    ✔ generate certificate signing request: ./mtls/ca.csr
    ✔ sign certificate: ./mtls/ca.crt
    ✔ generate private key: ./mtls/server.key
    ✔ generate certificate signing request: ./mtls/server.csr
    ✔ sign certificate: ./mtls/server.crt
    ✔ generate private key: ./mtls/client.key
    ✔ generate certificate signing request: ./mtls/client.csr
    ✔ sign certificate: ./mtls/client.crt
    MTLS setup complete

  • start a simple Node server and make an mTLS request (using the generated assets)

    node test/acceptance/api.ruraldev-mock.js

    handling request...
    valid
    200
    { status: 'ok' }

  • adapt the simple server example into a basic KITS mock sufficient for the API's /get-business route

  • write an acceptance test to call the /get-business route

  • extend the docker compose.yml to add in the KITS mock as a service

  • run the acceptance test against the docker composed services to verify correct mTLS compatibility

rkdefra added 2 commits March 18, 2025 17:08
@rkdefra
chore: generate SSL assets for mTLS
f34eb4d 
Add a script to generate the CA, keys, and certs necessary for
client/server mTLS.
Ignore the generated assets (do not commit them), as they will be
generated just in time for use.
@rkdefra
test: example client/server mTLS request
eb03754 
...using assets generated by the convenience script.
@rkdefra
Copy link
Contributor Author

rkdefra commented Mar 28, 2025

Closing, as this work has been rebased into main on top of the proper API code in #15

@rkdefra rkdefra closed this Mar 28, 2025
@rkdefra rkdefra deleted the test/local-mtls-connection branch March 28, 2025 12:33
@rkdefra rkdefra restored the test/local-mtls-connection branch April 1, 2025 12:26
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
1 participant
@rkdefra